<?php
class Broker {
	//Kiểm tra đăng nhập của broker
	public function authentication($id,$pass){
		include $_SERVER['DOCUMENT_ROOT'].'scue'.'/configuration.php';
		$check=false;
		$sql = "SELECT * FROM broker WHERE (BrokerID ='$id')";
		if(!($result = mysql_query($sql)))
		die(mysql_errno());
		while($row = mysql_fetch_array($result)){
			$pass_n=$row['Password'];
			if($pass_n == $pass ){
				$check= true;
			}
		}
		return $check;
	}
	//Đăng kí broker
	public function setBroker($username, $password)
	{
		include $_SERVER['DOCUMENT_ROOT'].'scue'.'/configuration.php';
		$username = mysql_real_escape_string($username);
		$password = mysql_real_escape_string($password);
		$sql = "INSERT INTO broker VALUES (NULL, '$username', '$password')";
		if(!($result = mysql_query($sql)))
		die(mysql_error());
	}
	//Kiểm tra xem đã có tên đăng nhập này chưa
	public function isAlready($username)
	{
		include $_SERVER['DOCUMENT_ROOT'].'scue'.'/configuration.php';
		$sql = "SELECT BrokerID FROM broker WHERE (Username ='$username')";
		if(!($result = mysql_query($sql))) die(mysql_error());
		$nRow = mysql_num_rows($result);
		if ($nRow > 0)
		return true;
		return false;
	}
	//Show danh sách broker
	public function showTable()
	{
		include $_SERVER['DOCUMENT_ROOT'].'scue'.'/configuration.php';
		$sql = "SELECT * FROM broker";
		if(!($result = mysql_query($sql))) die(mysql_error());
		echo "<table border='1'>";
		echo "<tr><th>Username</th>
				<th>Password</th>
				<th>Action</th>
				</tr>";
		while($row = mysql_fetch_array($result))
		{
			echo "<tr>";
			echo "<td>" . $row['Username'] . "</td>";
			echo "<td>" . $row['Password'] . "</td>";
			echo "<td><button onclick=deleteBroker('".$row['Username']."')>Delete</button></td>";
			echo "</tr>";
		}
		echo "</table>";
	}
	//Xóa một broker khỏi danh sách
	public function deleteBroker($username)
	{
		include $_SERVER['DOCUMENT_ROOT'].'scue'.'/configuration.php';
		$sql = "DELETE FROM broker WHERE (Username='$username')";
		if(!($result = mysql_query($sql))) die(mysql_error());
	}
}
?>